Consulting services

My information security consulting services include:
- Governance, risk management, and compliance (GRC)
- Security Threat and Risk assessments (STRAs)
- Risk management and assessments
- Third party risk management, including cloud security
- Resilience, business continuity, disaster recovery
- Compliance, privacy
- Security program design, organization, and business tie-in
- Security policies creation and management
- Security architecture and business bridging
- Security controls design
- Security awareness training

These services can be provided on a project basis and/or an ongoing part-time basis, for small to medium businesses, and a discounted rate applies for non-profits.  A subset of these services apply to high net worth (HNW) individuals and families.

I also enjoy mentoring start-ups on business, product, or security matters. Contact me if I might be of assistance.